IN THE CLAIMS: 

Claims 3-4, 6, 10, 14 and 19 are amended herein. Claims 1, 2, 5, 13, and 22-24 are 
hereby cancelled without prejudice or disclaimer. No new claims have been added. All 
pending claims and their present status are produced below. 

1-2. (Canceled) 

3. (Currently Amended) Th e m e thod of claim 2, A method for roaming in a 
network environment, the network environment comprising a first bridge device at a first 
location, a second bridge device at a second location, and a mobile device which roams from 
the first location to the second location, comprising the steps of: 

(a) creating a token by the first bridge device, wherein the token comprises an 
identity of a context associated with the mobile device, wherein creating the token by the first 
bridge device comprises: 

(al) creating a first message by the first bridge device, wherein the first 
message comprises a first random number encrypted using a public key of the mobile 
device; and 

(a2) creating a second message by the first bridge device, wherein the 
second message comprises a digital signature for the first random number and the 
identity, and wherein the digital signature is an encrypted hash of the first random 
number and the identity [[.]] ; 

(b) securely providing the token to the mobile device by the first bridge device, 
wherein the token securely provided to the mobile device by the first bridge device comprises 
the first message and the second message: 

Case 23569-1 082 1 (Amendment A) 

U.S. Serial No. 09/922,429 2 

23569/0 1 000/DOCS/l 5 69963 . 1 



(c) securely providing the token to the second bridge device by the mobile device: 

(d) securely providing the token to the first bridge device by the second bridge 

device: 

(e) determining if the token fi"om the second bridge device is authentic by the first 
bridge device: and 

(f) securely providing the context to the second bridge device by the first bridge 
device, if the token fi-om the second bridge device is authentic. 

4. (Currently Amended) Th e m e thod of claim 2, fiirth e r comprising: A method 
for roaming in a network environment, the network environment comprising a first bridge 
device at a first location, a second bridge device at a second location, and a mobile device 
which roams fi"om the first location to the second location, comprising the steps of: 

(a) creating a token by the first bridge device, wherein the token comprises an 
identity of a context associated with the mobile device, wherein creating the token by the first 
bridge device comprises: 

(al) creating a first message by the first bridge device, wherein the first 

message comprises a first random number encrypted using a public key of the mobile 

device; 

(al) creating a second message by the first bridge device, wherein the 
second message comprises a digital signature for the first random number and the 
identity: and 

(a3) creating a third message by the first bridge device, wherein the third 
message comprises the first random number and the identity encrypted using a public 
key of the first bridge device , wh e r e in th e token s e cur e ly provid e d to th e mobil e 
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d e vic e by tho first bridg e d e vice oompriG e G th e first m e ssag e , tho Gocond m e osago, and 
th e third m e ssag e , i 

(b) securely providing the token to the mobile device by the first bridge device, 
wherein the token securely provided to the mobile device by the first bridge device comprises 
the first message, the second message, and the third message: 

(c) securely providing the token to the second bridge device by the mobile device; 

(d) securely providing the token to the first bridge device by the second bridge 

device: 

(e) determining if the token firom the second bridge device is authentic by the first 
bridge device: and 

(f) securely providing the context to the second bridge device by the first bridge 
device, if the token from the second bridge device is authentic. 

5. (Canceled) 

6. (Currently Amended) Th e m e thod of claim 1 , wh e r e in th e s e cur e ly providing 
step (c) compris e s: A method for roaming in a network environment, the network 
environment comprising a first bridge device at a first location, a second bridge device at a 
second location, and a mobile device which roams fi-om the first location to the second 
location, comprising the steps of: 

(a) creating a token by the first bridge device, wherein the token comprises an 
identity of a context associated with the mobile device: 

(b) securely providing the token to the mobile device by the first bridge device: 

(c) securely providing the token to the second bridge device by the mobile device, 
wherein securely providing the token to the second bridge device comprises: 
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(cl) obtaining a first random number by the mobile device by decrypting a 
first message of the token securely provided to the mobile device by the first bridge 
device using a private key of the mobile device; and 

(c2) creating a fourth message by the mobile device, wherein the fourth 
message comprises the first random number encrypted using a pubUc key of the 
second bridge device, wherein the token securely provided to the second bridge 
device by the mobile device comprises the fourth message and a second message ; 

[[.]] 

f d) securely providing the token to the first bridge device bv the second bridge 

device: 

fe) determining if the token fi-om the second bridge device is authentic bv the first 
bridge device: and 

( f) securelv providing the context to the second bridge device bv the first bridge 
device, if the token fi"om the second bridge device is authentic. 

7. (Original) The method of claim 6, wherein the first message was created by 
the first bridge device, wherein the first message comprises the first random number 
encrypted using a public key of the mobile device. 

8. (Original) The method of claim 6, wherein the second message was created 
by the first bridge device, wherein the second message comprises a digital signature for the 
first random number and the identity. 

9. (Original) The method of claim 6, wherein the token securely provided to the 
second bridge device by the mobile device fiirther comprises a third message, wherein the 
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third message was created by the first bridge device, wherein the third message comprises the 
first random number and the identity encrypted using a pubUc key of the first bridge device. 

10. (Currently Amended) Th e m e thod of claim 1, whoroin th e s e cur e ly s e nding 
st e p (d) compris e s: A method for roaming in a network environment the network 
environment comprising a first bridge device at a first location, a second bridge device at a 
second location, and a mobile device which roams from the first location to the second 
location, comprising the steps of: 

fa) creating a token by the first bridge device, wherein the token comprises an 
identity of a context associated with the mobile device: 

(b) securely providing the token to the mobile device by the first bridge device: 

(c) securely providing the token to the second bridge device by the mobile device: 

(d) securely providing the token to the first bridge device by the second bridge 
device, wherein securely providing the token to the first bridge device by the second bridge 
device comprises: 

(dl) obtaining a first random number by the second bridge device by 
decrypting a fourth message of the token securely provided to the second bridge 
device by the mobile device using a private key of the second bridge device; 

(d2) creating a fifth message by the second bridge device, wherein the fifth 
message comprises a second random number encrypted using the first random 
number; and 

(d3) creating a sixth message by the second bridge device, wherein the 
sixth message comprises the second random number encrypted using a public key of 
the first bridge device, wherein the token securely provided to the first bridge device 
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by the second bridge device comprises the fifth message, the sixth message, and a 
second message i [[.]] 

(e) detemiining if the token from the second bridge device is authentic by the first 
bridge device; and 

(f) securely providing the context to the second bridge device by the first bridge 
device, if the token from the second bridge device is authentic. 

1 1 . (Original) The method of claim 10, wherein the fourth message was created 
by the mobile device, wherein the fourth message comprises the first random number 
encrypted using a public key of the second bridge device, 

12. (Original) The method of claim 10, wherein the second message was created 
by the first bridge device, wherein the second message comprises a digital signature for the 
first random number and the identity. 

13. (Canceled) 

14. (Currently Amended) Th e m e thod of claim 1, wh e r e in th e d e t e rmining step 
( e ) compris e s: A method for roaming in a network environment, the network environment 
comprising a first bridge device at a first location, a second bridge device at a second 
location, and a mobile device which roams from the first location to the second location, 
comprising the steps of: 

(a) creating a token by the first bridge device, wherein the token comprises an 
identity of a context associated with the mobile device; 

(b) securely providing the token to the mobile device by the first bridge device; 

(c) securely providing the token to the second bridge device by the mobile device; 
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(d) securely providing the token to the first bridge device by the second bridge 

device: 

(e) determining if the token fi-om the second bridge device is authentic by the first 
bridge device, wherein determining if the token fi-om the second bridge device is authentic by 
the first bridge device comprises: 

(el) obtaining a second random number by the first bridge device by 
decrypting a sixth message of the token securely provided to the first bridge device by 
the second bridge device using a private key of the first bridge device; 

(e2) obtaining the second random number by the first bridge device by 
decrypting a fifth message of the token securely provided to the first bridge device by 
the second bridge device using a first random number; 

(e3) determining if the second random number firom the sixth message is 
the same as the second random number fi-om the fifth message; and 

(e4) determining if a digital signature from a second message of the token 
securely provided to the first bridge device by the second bridge device verifies a 
source of the token [[.]] : and 

(f) securely providing the context to the second bridge device by the first bridge 
device, if the token from the second bridge device is authentic. 

15. (Original) The method of claim 14, wherein the sixth message was created by 
the second bridge device, wherein the sixth message comprises the second random number 
encrypted by the second bridge device using a public key of the first bridge device. 
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16. (Original) The method of claim 14, wherein the fifth message was created by 
the second bridge device, wherein the fifth message comprises the second random number 
encrypted using the first random number. 

17. (Original) The method of claim 14, fiirther comprising: 

(e5) obtaining the first random number and the identity by decrypting a third 
message of the token securely provided to the first bridge device by the second bridge device 
using the private key of the first bridge device, wherein the third message was created by the 
first bridge device, wherein the third message comprises the first random number and the 
identity encrypted using a public key of the first bridge device. 

18. (Original) The method of claim 14, fiirther comprising: 

(e5) obtaining the first random number and the identity by the first bridge device 
fi"om a storage medium. 

19. (Currently Amended) Th e m e thod of claim 1, wheroin th e G e ouroly s e nding 
st e p (f) compris e s: A method for roaming in a network environment, the network 
environment comprising a first bridge device at a first location, a second bridge device at a 
second location, and a mobile device which roams fi-om the first location to the second 
location, comprising the steps of: 

(a) creating a token by the first bridge device, wherein the token comprises an 
identity of a context associated with the mobile device: 

(b) securely providing the token to the mobile device bv the first bridge device: 

(c) securely providing the token to the second bridge device by the mobile device: 

(d) securely providing the token to the first bridge device by the second bridge 

device: 
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(e) determining if the token from the second bridge device is authentic by the first 
bridge device; and 

(f) securely providing the context to the second bridge device by the first bridge 
device, if the token from the second bridge device is authentic, wherein securely providing 
the context to the second bridge device by the first bridge device comprises: 

(fl) encrypting the context associated with the mobile device by the first 
bridge device using a second random number obtained firom decrypting a sixth 
message of the token securely provided to the first bridge device by the second bridge 
device; and 

(f2) securely sending the encrypted context to the second bridge device. 

20. (Original) The method of claim 19, wherein the sixth message was created by 
the second bridge device, wherein the sixth message comprises the second random number 
encrypted using a public key of the first bridge device. 

21. (Original) The method of claim 19, fiirther comprising: 

(B) decrypting the context firom the first bridge device by the second bridge 
device using a private key of the second bridge device; and 

(f4) creating a new token by the second bridge device firom the decrypted context. 

22-24. (Canceled) 

25. (Original) A method for roaming in a network environment, the network 
environment comprising a first bridge device at a first location, a second bridge device at a 
second location, and a mobile device which roams firom the first location to the second 
location, comprising the steps of: 
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(a) creating a token by the first bridge device, wherein the token comprises: 

a first message comprising a first random number encrypted using a pubUc 
key of the mobile device, and 

a second message comprising a digital signature for the first random number 
and an identity of a context associated with the mobile device; 

(b) providing the token to the mobile device by the first bridge device; 

(c) decrypting the first message using a private key of the mobile device by the 
mobile device to obtain the first random number; 

(d) creating a fourth message by the mobile device comprising the first random 
number encrypted using a public key of the second bridge device; 

(e) providing a modified token to the second bridge device by the mobile device,, 
wherein the modified token comprises the fourth message and the second message; 

(f) decrypting the fourth message using a private key of the second bridge device 
by the second bridge device to obtain the first random number; 

(g) creating a fifth message by the second bridge device comprising a second 
random number encrypted using the first random number; 

(h) creating a sixth message by the second bridge device comprising the second 
random number encrypted using a public key of the first bridge device; 

(i) providing a twice modified token to the first bridge device by the second 
bridge device, wherein the twice modified token comprises the fifth message, the sixth 
message, and the second message; 

(j) decrypting the sixth message using a private key of the first bridge device by 
the first bridge device to obtain the second random number; 
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(k) decrypting a fifth message using the first random number by the first bridge 
device to obtain the second random number; 

(1) determining by the first bridge device if the second random number fi-om the 
sixth message is the same as the second random number fi-om the fifth message; 

(m) determining by the first bridge device if the digital signature from the second 
message verifies a source of the twice modified token; 

(n) encrypting the context of the identity by the first bridge device using the 
second random number, if the second random number from the sixth message is the same as 
the second random number from the fifth message and if the digital signature from the 
second message verifies the source of the twice modified token; and 

(o) providing the encrypted context to the second bridge device by the first bridge 

device. 

26. (Original) The method of claim 25, wherein the digital signature is an 
encrypted hash of the first random number and the identity. 

27. (Original) The method of claim 25, wherein the token created by the first 
bridge device fiarther comprises a third message comprising the first random number and the 
identity encrypted using the public key of the first bridge device. 

28. (Original) The method of claim 25, wherein the creating step (a) fiuther 
comprises: 

(al) storing the first random number and the identity in a storage medium by the 
first bridge device. 

29. (Original) The method of claim 25, wherein the modified token further 
comprises a third message created by the first bridge device, wherein the third message 
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comprises the first random number and the identity encrypted using the public key of the first 
bridge device. 

30. (Original) The method of claim 25, wherein the providing step (i) comprises: 
(il) providing the twice modified token to the first bridge device by the second 

bridge device through at least one intermediary device, wherein the twice modified token 
comprises the fifth message, the sixth message, and the second message. 

31. (Original) The method of claim 25, wherein the encrypting step (n) 
comprises: 

(nl) decrypting a third message using the private key of the first bridge device by the 
first bridge device to obtain the first random number and the identity, wherein the third 
message was created by the first bridge device by encrypted the third message using the 
public key of the first bridge device. 

32. (Original) The method of claim 25, wherein the encrypting step (n) 
comprises: 

(nl) obtaining the first random number and the identity from a storage medium by 
the first bridge device. 

33. (Original) The method of claim 25, wherein the providing step (o) comprises: 
(ol) providing the encrypted context to the second bridge device by the first bridge 

device through at least one intermediary device. 

34. (Original) The method of claims 25, fiirther comprising: 

(p) decrypting the encrypted context from the first bridge device by the second 
bridge device using the private key of the second bridge device; and 
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(q) creating a new token by the second bridge device. 

35. (Original) The method of claim 25, wherein the context comprises at least 

one of: 

information on how to maintain a status of a port to which the mobile device is 
connected; 

an identity of a virtual LAN to which the mobile device is connected; and 

information on how to return packets from the mobile device to various locations 
throughout the LAN. 

36. (Original) The method of claim 25, wherein the identity of the context is a 
number. 
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